HTTP Headers Analysis for https://iris.vanilla.tools

Detected Technologies from Headers

See all in URL Inspect 1

Imperva

HTTP Security Headers

Status

Strict-Transport-Security

Good

max-age=31536000; includeSubDomains

Content-Security-Policy

Missing

Not configured Analyze

Content-Security-Policy-Report-Only

Missing

Not configured Analyze

X-Frame-Options

Missing

Not configured

X-Content-Type-Options

Missing

Not configured

Referrer-Policy

Missing

Not configured

Permissions-Policy

Missing

Not configured

Recommendations

• Consider adding 'preload' to HSTS for maximum security
• Add Content-Security-Policy header to prevent XSS attacks
• Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
• Add X-Content-Type-Options: nosniff
• Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
• Consider adding Permissions-Policy to control browser features

Performance Headers

Connection

Performance

close

Transfer-Encoding

Performance

chunked

Vary

Performance

Accept-Encoding

connection: close
transfer-encoding: chunked
vary: Accept-Encoding

Caching Headers

Cache-Control

Caching

no-cache, private

cache-control: no-cache, private

Content Headers

Content-Type

Content

text/html; charset=UTF-8

content-type: text/html; charset=UTF-8

Server Headers

No server headers found

CORS Headers

No CORS headers found

Cookies Headers

Set-Cookie

Cookies

set-cookie: XSRF-TOKEN=eyJpdiI6ImllaTI2dlAvOWswOW9QYld0bGNYd3c9PSIsInZhbHVlIjoiRTd5b2dNY2lKc1J0ckl3dUM5bzM4MHR2MDMyNzN6R28rNE1PNjZTVUVpU21pUFpuRVVwV0x5Mi9ObFMwaStLckR0RE03djcxbkpZNlZqaU42REpOU1MvTFRNU01VZXM1ZlpsbXFoQU5mTnUwSzRUelVmYkNnR2VLeUU3Z1M3NFUiLCJtYWMiOiJjODhjODQzYTM0YzI1MjYxMTY0MWRlYjc3MGNkZjk5OTRhZjAxYTY5OTY2OTVkZjRhYTliMDQ3Mzc4OGZiZTJlIiwidGFnIjoiIn0%3D; expires=Sun, 22 Feb 2026 15:25:00 GMT; Max-Age=86400; path=/; samesite=lax
newsletter_builder_session=eyJpdiI6IkFZQjZiNUlCNlI0VEtWRHRkbDEyR2c9PSIsInZhbHVlIjoiZVdBUjh6d2ppTEVYZ1BuNmFCMlVFczhteWI4cUpjVkNiMUZtWHBtVzRiMmg3T1Q5UzBYOHZsbStSLzdHMFZXamVwbVUyOXdtdytSRFBpd0xKeno2ZnNkdzVnUk9ieGgvNVdzcTVVOU1oWThGUjBkV0dQRUFVR3o5UWJlSkx0ZnoiLCJtYWMiOiIyZWYxY2MwZDhlOTQ1MDM3YmQxNzRlY2IzNDI5YzQ2ZDlhM2MyMTVlN2RhOTM4Njc2ZWUyMmIwMTUxZGUxMjIwIiwidGFnIjoiIn0%3D; expires=Sun, 22 Feb 2026 15:25:00 GMT; Max-Age=86400; path=/; httponly; samesite=lax
visid_incap_3118858=6O1x2DLkSRir9MZY4CXYCEzOmWkAAAAAQUIPAAAAAABaYy1PoHMRMOQ0bfp3FOcW; expires=Sun, 21 Feb 2027 06:33:55 GMT; HttpOnly; path=/; Domain=.vanilla.tools; Secure; SameSite=None
nlbi_3118858=3t36EVuGk1NSPsfvkgYNQwAAAADbonEB5cfInDh3gaxSXbLg; HttpOnly; path=/; Domain=.vanilla.tools; Secure; SameSite=None
incap_ses_78_3118858=JlzVQmaDQQpBHzqYLR0VAUzOmWkAAAAA/we2G3uBbCbh6wOPcd2sxw==; path=/; Domain=.vanilla.tools; Secure; SameSite=None

Other Headers

Date

Other

Sat, 21 Feb 2026 15:25:00 GMT

X-Cdn

Other

Imperva

X-Ftr-Backend

Other

van-prod

X-Ftr-Backend-Server

Other

http.van-prod

X-Ftr-Balancer

Other

vanilla-mochi-http-haproxy-prod-2

X-Ftr-Request-Id

Other

00000000000000000000FFFFC68F251F:5226_00000000000000000000FFFFB9711938:01BB_6999CE4C_8F9786:188583

X-Iinfo

Other

14-97596187-97596189 NNNY CT(81 87 0) RT(1771687500634 7) q(0 0 0 2) r(0 3) U24

date: Sat, 21 Feb 2026 15:25:00 GMT
x-cdn: Imperva
x-ftr-backend: van-prod
x-ftr-backend-server: http.van-prod
x-ftr-balancer: vanilla-mochi-http-haproxy-prod-2
x-ftr-request-id: 00000000000000000000FFFFC68F251F:5226_00000000000000000000FFFFB9711938:01BB_6999CE4C_8F9786:188583
x-iinfo: 14-97596187-97596189 NNNY CT(81 87 0) RT(1771687500634 7) q(0 0 0 2) r(0 3) U24

Recommendations

Enable compression (gzip/brotli) to improve performance